Robert Shimonski

Robert Shimonski is an ethical hacker and a professional IT leader who has led numerous efforts to architect, design, strategize and implement enterprise solutions that must remain secure. Rob has been involved in security and technology operations for over 25 years and has written his books from the trenches of experience.

Articles & Books From Robert Shimonski

Article / Updated 12-17-2021
Every pen tester needs a solid toolkit. There is no one size fits all when it comes to penetration testing. Keep these considerations in mind as you’re building your toolkit: The toolkit you create will be on a portable device. A laptop or portable workstation provides you with the best outcome. You need to connect to networks to conduct tests.
Article / Updated 12-17-2021
As a pen tester you need a solid understanding of how attackers operate and how potential attacks occur. Here, you discover a few items you need to make sure your system, identity, session, or other form of communications are not assumed by an attacker. Many of these tools — such as Kali, Nessus, Wireshark — should be in your penetration testing toolkit.
Article / Updated 12-17-2021
After you complete the preparation work, you’re ready to do a pen test! Here you walk through the process of the penetration test and then look at the results of the assessment, as well as methods of prevention. Always be absolutely careful when you’re working on a live network in production. Even better is to use a lab to learn how to conduct a pen test prior to doing it on a live network.
Article / Updated 12-17-2021
Your pen test report should come from a combination of the tools you use (some generate reports) and your own written work to explain overall health of the environment. A pen test report comprises any sections outlined in the scope of the project, but this list shows sections that commonly appear: Executive summary: The executive summary briefly summarizes all of the key details of the report.
Article / Updated 04-28-2021
A myth is defined as a phenomenon or a widely held idea or belief that is usually incorrect. When you think about security analysis and doing pen tests, you might have some beliefs that may be wrong.For example, years ago everyone thought that if you were called a hacker you were a bad guy. Now, that’s not the case.
Article / Updated 12-29-2021
Penetration testing is always evolving. More complex cyberattacks require more sophisticated pen tester. Here are ten tips to help you refine your pen testing skills as you continue in your career or education. Continue your education to improve your pen testing skills Keep learning. Study often and do not limit the scope of your studies.
Article / Updated 12-29-2021
As an IT professional, it doesn’t matter how much you know about penetration testing today — there is always more to learn! What you know today could become outdated as technology evolves and morphs into new innovations. With that said, here is a list of penetration testing websites and resources that will be extremely helpful to you as a security professional.
Article / Updated 12-14-2021
Metasploit is a penetration testing tool maintained by Rapid7. You can download a free trial for Linux or Windows and get it up and running pretty easily for test and use within minutes.If you want to learn to use this penetration testing tool and run your first pen test with it, simply sign up for an account by accessing the free trial links.
Article / Updated 12-17-2021
The ultimate goal to penetration testing is to test your technology assets for their security, their safeguards, and controls by trying to penetrate through any configured defenses. But pen testing can be broken down into individual smaller goals. Pen testing, although a hot topic, isn’t a new concept nor is it an incredibly difficult one.
Penetration Testing For Dummies
Target, test, analyze, and report on security vulnerabilities with pen testingPen Testing is necessary for companies looking to target, test, analyze, and patch the security vulnerabilities from hackers attempting to break into and compromise their organizations data. It takes a person with hacking skills to look for the weaknesses that make an organization susceptible to hacking.